Mikael Nordfeldth
1c042028dc
PCRE modifier /e is deprecated in favour of preg_replace_callback()
2013-10-06 03:27:16 +02:00
Mikael Nordfeldth
b0dfc70a54
Properly unlink all old avatars when deleting/uploading a new
...
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.
To set Avatar max size, adjust $config['avatar']['maxsize']
The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00
Mikael Nordfeldth
858d9cc3c4
maxNoticeLength test for url-shortening failed on maxContent==0
...
maxContent==0 implies that a notice text can be infinitely long, but
this value was directly transferred to maxNoticeLength, where 0 was
tested if it was longer than the notice length - which of course always
was false.
This commit fixes the problem for infinite length notices that always
got shortened.
2013-09-25 22:48:32 +02:00
Emily O'Leary
81a357ed5e
Putting in functionality so that sites with the "Sometimes" SSL setting allow for users with plugins such as HTTPSEVERYWHERE who wish to use HTTPS to do so without having errors pop up. Specifically this references this issue: http://status.net/open-source/issues/3855#comment-48988 .
...
(Port detection test removed by MMN-o. Also switched order on the test for
isHTTPS/SensitiveAction.)
2013-09-10 11:06:53 +02:00
Mikael Nordfeldth
2a4dc77a63
The overloaded DB_DataObject function staticGet is now called getKV
...
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV
sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)
If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!
This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)
Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00
Evan Prodromou
9b97adc7ad
Squashed commit of the following:
...
commit 2b9bce9ef8f6cf55b7ac62231bcc0173260ba472
Merge: 3ba4f24 12b680e
Author: Evan Prodromou <evan@status.net>
Date: Mon Aug 13 14:31:46 2012 -0400
Merge commit 'refs/merge-requests/207' of git://gitorious.org/statusnet/mainline into merge-requests/207
commit 12b680e375db9de01cac77dd9a71adb729292dc7
Author: Mikael Nordfeldth <mmn@hethane.se>
Date: Fri Aug 10 20:49:52 2012 +0200
testing whether $user is predefined before otherwise setting it to common_current_user()
2012-08-13 14:34:31 -04:00
Evan Prodromou
fb31ff1af7
better better call
2012-04-24 13:19:09 -04:00
Evan Prodromou
9c286feb5f
fix bad function name
2012-04-24 13:17:54 -04:00
Evan Prodromou
64b03439b5
Check for HTTP_HOST before fetching it
2012-04-24 12:55:09 -04:00
Evan Prodromou
540c545399
Don't replace URLs if 'shortened' version is longer, unless forced
2011-09-26 17:05:35 -04:00
Evan Prodromou
12588b1cf7
Merge commit 'refs/merge-requests/166' of git://gitorious.org/statusnet/mainline into merge-requests/166
2011-09-21 15:24:17 -04:00
Evan Prodromou
11f2a3d551
Merge branch '1.0.x' into nummedout
2011-09-14 12:20:37 -04:00
Evan Prodromou
15ae1cddfe
two useful functions for profiling
2011-09-14 12:19:29 -04:00
Evan Prodromou
40924842f4
new URLMapper without Net_URL_Mapper
2011-09-14 12:15:56 -04:00
Antonin Kral
ab4f4dbab4
add Connection: close when sending redirect
2011-09-08 11:45:34 +02:00
Evan Prodromou
0022bb8110
fix calls to staticGet() to avoid problems with default args
2011-08-22 18:06:06 -04:00
Evan Prodromou
513c54fa89
Merge branch 'master' into 1.0.x
...
Conflicts:
lib/common.php
2011-08-02 15:04:14 -04:00
Evan Prodromou
edb3f704b9
correctly include UTF-8 alphanum chars in tags
2011-08-02 14:03:12 -04:00
Evan Prodromou
10ce44c297
cleanse tags of non-tag characters when canonicalizing
2011-08-02 13:49:00 -04:00
Zach Copley
b925eeecde
Fix errors thrown by code trying to broadcast profiles via OMB when the OMB plugin isn't installed
2011-08-02 01:15:30 -07:00
Zach Copley
6f0bd73e6c
Squashed commit of the following:
...
Move OMB to a plugin
commit 75d21f00246bcc56d7f854936be1e28395e079a2
Merge: cea0199 d594d07
Author: Zach Copley <zach@status.net>
Date: Fri Jul 15 11:16:54 2011 -0700
Merge branch 'kill-omb2' of gitorious.org:~zcopley/statusnet/zcopleys-clone into kill-omb2
* 'kill-omb2' of gitorious.org:~zcopley/statusnet/zcopleys-clone:
Fix paths
Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore
Some odds and ends
Remove omb stuff from queuemanager defaults
Add check to make sure we're not untagging an OMB profile to OMB plugin
Move some more subscription stuff and peopletag checks to OMB plugin
Move some OMB-specific unsubscribe stuff to OMB plugin
Finish removing libomb from core extlibs
Fix more conflicts
Fix queuing/queuehandling
Move some stuff around; fix references
Fix conflicts
Move OMB-specific files to OMB plugin
Move some stuff around; fix references
Add OMB plugin README and rm references to OMB in mail StatusNet README
Update paths
Fix define
Basic plugin finished
Move OMB-specific files to OMB plugin
Remove OMB stuff from router
commit cea019967f343042ebaea14b7bbb0d54289bcc1a
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 14:38:40 2011 -0700
Fix paths
commit d412aa3c0ea0e21e65a72a16c7b9edd64ff373e1
Author: Zach Copley <zach@status.net>
Date: Tue Jul 12 18:17:06 2011 -0700
Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore
commit b459c9f10ac283d6e774ef13f3293fc8a6948143
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 19:02:08 2011 -0700
Some odds and ends
commit 895cfbfce58ffb3a05beebf48a90c549e00f1cce
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 19:01:23 2011 -0700
Remove omb stuff from queuemanager defaults
commit b41b9e994f291ff83afb2460d9b37aee8ec1ec2b
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 18:46:44 2011 -0700
Add check to make sure we're not untagging an OMB profile to OMB plugin
commit 94374d26ddd428dac8e4cd4541fd56db748c248b
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 18:34:20 2011 -0700
Move some more subscription stuff and peopletag checks to OMB plugin
commit b91043b7820d5cd8b0ba4e9ee2a9d03c99248f11
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 16:37:25 2011 -0700
Move some OMB-specific unsubscribe stuff to OMB plugin
commit d9430fe52975d9497b4a0d3d54da35b222e207ad
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 15:26:30 2011 -0700
Finish removing libomb from core extlibs
commit bb6257eb85cc7ba392e91468c01503f51faeb989
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 12:47:32 2011 -0700
Fix more conflicts
commit 3c760d0a4b4a083ae5fca2530d22aad5f4a9fdae
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:49:22 2011 -0700
Fix queuing/queuehandling
commit ed635fa0c20e150673709c04ecc7f285d12e0ce2
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:29:35 2011 -0700
Move some stuff around; fix references
commit cbc553a147941cad16e205a6b66ab4b32a5e3d3d
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 12:46:05 2011 -0700
Fix conflicts
commit 5d77c81f75b57f5d5357d6b46d503650a4b3225d
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:38 2011 -0700
Move OMB-specific files to OMB plugin
commit 2ed051dbce0ce9b44723b14922026849c39ed603
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:29:35 2011 -0700
Move some stuff around; fix references
commit 8809b5e35b1aacb67d70ae3e55a43003b6f591b7
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:28:59 2011 -0700
Add OMB plugin README and rm references to OMB in mail StatusNet README
commit 35ced4067c1915baca0b3e184f9533a91a951d2d
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:50:09 2011 -0700
Update paths
commit 0ee5bafbce95fc9b8db98c1e828d33d26d08bc73
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:38:03 2011 -0700
Fix define
commit e309dd22ffb9087d7fcf9180ede4f531dbd88c3c
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:30:43 2011 -0700
Basic plugin finished
commit 00f1e930f27e080b04d1e82952f7886c84e01d97
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:38 2011 -0700
Move OMB-specific files to OMB plugin
commit 39dcd031a79b49da0b4fe25f1594d2e406b5eb65
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:01 2011 -0700
Remove OMB stuff from router
commit d594d071be1ec42518dd5465db61e01e7e8ec036
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 14:38:40 2011 -0700
Fix paths
commit 48c1064b4b50e89cf51d2cab388f708f60601247
Author: Zach Copley <zach@status.net>
Date: Tue Jul 12 18:17:06 2011 -0700
Oops, I left out the ability to authorize a token in ApiStatusNetOAuthDataStore
commit 1e1168978f38c31dbf0206b3493b2b6dcbe61589
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 19:02:08 2011 -0700
Some odds and ends
commit ac43af2b497d8b9286c49a9469a1dff950e41650
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 19:01:23 2011 -0700
Remove omb stuff from queuemanager defaults
commit 2471af2f8800515a3db544b3a186a18f3e8a43af
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 18:46:44 2011 -0700
Add check to make sure we're not untagging an OMB profile to OMB plugin
commit df974646459ac6d5d97a40d008f1aab66f998226
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 18:34:20 2011 -0700
Move some more subscription stuff and peopletag checks to OMB plugin
commit 8a1427b759e791c14a7a7a22128ba05f0b4b6d12
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 16:37:25 2011 -0700
Move some OMB-specific unsubscribe stuff to OMB plugin
commit bd24220dbb5170af22ea0dea8a3062e6d1aeb6a2
Author: Zach Copley <zach@status.net>
Date: Wed Jul 6 15:26:30 2011 -0700
Finish removing libomb from core extlibs
commit 4c3c6f1fabb0f2c92635ccc5e8f38db2293f5456
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 12:47:32 2011 -0700
Fix more conflicts
commit db44deefd731a412685c5669c4c6fa69833de922
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:49:22 2011 -0700
Fix queuing/queuehandling
commit ea2d84d2f3d518950d3aa1956ddc8f3a25ca55f3
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:29:35 2011 -0700
Move some stuff around; fix references
commit 8ac3e010444b41bd9a78766f5e37e49dff023b45
Author: Zach Copley <zach@status.net>
Date: Wed Jul 13 12:46:05 2011 -0700
Fix conflicts
commit 0aad6e10e3637b3189a87b42c24c1d6de1b346bc
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:38 2011 -0700
Move OMB-specific files to OMB plugin
commit d982d7076c5cb28c7b8e4b1dde8d07d7e58e278f
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:29:35 2011 -0700
Move some stuff around; fix references
commit 4b9d39c93562ff4c45c37c940013e8b78197dec1
Author: Zach Copley <zach@status.net>
Date: Tue Jul 5 15:28:59 2011 -0700
Add OMB plugin README and rm references to OMB in mail StatusNet README
commit dab0fb6647a85e6835298496d7127a398b6b9293
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:50:09 2011 -0700
Update paths
commit 2cb73dac8ad971f1545dcf6ba57746c777e232ef
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:38:03 2011 -0700
Fix define
commit 6f226b18a059f175b1bdd3abcb8cb95eedc22ee7
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 23:30:43 2011 -0700
Basic plugin finished
commit 7be304beaa0f39755c3978e0b852fde768950da4
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:38 2011 -0700
Move OMB-specific files to OMB plugin
commit 5b30da01cfa2802d6e7a4a4a4f39b8043c54f472
Author: Zach Copley <zach@status.net>
Date: Thu Jun 30 19:10:01 2011 -0700
Remove OMB stuff from router
2011-07-15 12:13:57 -07:00
Evan Prodromou
13d479bc18
stop sending OMB by default
2011-06-27 13:02:32 -04:00
Evan Prodromou
90eb09624c
let users login with email address
2011-05-02 15:17:08 -07:00
Evan Prodromou
d09df28040
utility functions for setting config options in memory
2011-04-26 16:50:42 -04:00
Evan Prodromou
28d0d9caad
loop through args in common_markup_to_html
2011-04-18 09:51:26 -04:00
Evan Prodromou
b72788d9ce
pass args from Docfile to renderer
2011-04-18 09:47:08 -04:00
Evan Prodromou
99d538af58
docfiles can take arguments
2011-04-18 09:03:43 -04:00
Evan Prodromou
e53edc2b6b
allow user properties in documentation files
2011-04-18 06:17:28 -04:00
Zach Copley
0f9d6f4c82
DirectoryPlugin - Hijack router mapping for normal groups page to substitute a directory page
2011-04-13 15:09:45 -07:00
Zach Copley
e75c9988eb
Merge branch 'people_tags_rebase' into 1.0.x
...
Conflicts:
EVENTS.txt
2011-04-10 08:10:01 +00:00
Evan Prodromou
c382a1d8cc
fix errant class in notice content
2011-04-09 17:05:59 -04:00
Evan Prodromou
ec1579474c
add classes to profile and group links in notices
2011-04-09 15:42:27 -04:00
Shashi Gowda
5a2bab07b2
Merge remote-tracking branch 'mainline/1.0.x' into people_tags_rebase
...
Conflicts:
actions/tagother.php
classes/Profile.php
classes/Profile_tag.php
js/util.min.js
2011-03-30 15:47:42 +05:30
Evan Prodromou
83fb5e6023
Mass replacement of #-comments with //-comments
...
like leprous boils in our code. So, I've replaced all of them with //
comments instead. It's a massive, meaningless, and potentially buggy
change -- great one for the middle of a release cycle, eh?
2011-03-22 11:54:23 -04:00
Shashi Gowda
31c1177970
Merge branch '1.0.x' into people_tags_rebase
...
Conflicts:
EVENTS.txt
actions/peopletag.php
actions/tagother.php
classes/Notice.php
js/util.js
js/util.min.js
lib/accountprofileblock.php
lib/action.php
lib/activityobject.php
lib/command.php
lib/personalgroupnav.php
plugins/OStatus/OStatusPlugin.php
2011-03-22 07:56:25 +05:30
Siebrand Mazeland
a4e334a0ba
Translator documentation added/updated.
...
i18n updates.
Superfluous whitespace removed.
2011-03-18 18:03:41 +01:00
Evan Prodromou
c99f6f6afc
remove a bunch of common_debug() calls for url shortening
2011-03-16 10:26:14 -04:00
Shashi Gowda
4b8ee81ca9
Utility functions for people tags
2011-03-06 23:33:39 +05:30
Zach Copley
b7d0746694
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/confirmaddress.php
actions/emailsettings.php
actions/hostmeta.php
actions/imsettings.php
actions/login.php
actions/profilesettings.php
actions/showgroup.php
actions/smssettings.php
actions/urlsettings.php
actions/userauthorization.php
actions/userdesignsettings.php
classes/Memcached_DataObject.php
index.php
lib/accountsettingsaction.php
lib/action.php
lib/common.php
lib/connectsettingsaction.php
lib/designsettings.php
lib/personalgroupnav.php
lib/profileaction.php
lib/userprofile.php
plugins/ClientSideShorten/ClientSideShortenPlugin.php
plugins/Facebook/FBConnectSettings.php
plugins/Facebook/FacebookPlugin.php
plugins/NewMenu/NewMenuPlugin.php
plugins/NewMenu/newmenu.css
2011-02-28 15:39:43 -08:00
Brion Vibber
2bd9532ebe
Merge branch 'master' into 0.9.x
2011-02-28 10:18:18 -08:00
Brion Vibber
6a6584741f
Fix for ticket #2248 : flickr etc URLs that contain @ in the paths etc no longer accidentally trip the mailto: thingy
2011-02-25 15:46:35 -08:00
Brion Vibber
0291c6f7cd
Merge branch 'unicode-tag' into 0.9.x
2011-02-25 10:17:03 -08:00
Brion Vibber
295e2bde56
Unicodize a couple regexes for tags: fixes linking & detection of non-ASCII tags that match the current regexes.
...
(Checks for 'letter' and 'number' characters, underscore, dash, and period.)
2011-02-23 16:37:55 -08:00
Evan Prodromou
1525acdca1
Extend authorization framework to cover login and API use
...
I've extended the rights framework (centering on the Right class and Profile::hasRight()) to cover
Web login and API use. This will make it possible to prevent login and API use by users.
I added two new Right constants to the Right class: WEBLOGIN and API. I check these rights using
Profile::hasRight() when initializing users. If the rights check fails, I throw an exception.
I created a new AuthorizationException class for this particular
exception, in order to allow a different UI for these kinds of exceptions (or whatever).
2011-02-21 10:20:42 -05:00
Brion Vibber
de7726dd00
Performance counters: records number of total and unique cache get/set/incr/deletes and queries, and logs to syslog.
...
$config['site']['logperf'] = true; // to record & dump total hits of each type and the runtime to syslog
$config['site']['logperf_detail'] = true; // very verbose -- dump the individual cache keys and queries as they get used (may contain private info in some queries)
Seeing 180 cache gets on a timeline page seems not unusual currently; since these run in serial, even relatively small roundtrip times can add up heavily.
We should consider ways to reduce the number of round trips, such as more frequently storing compound objects or the output of processing in memcached.
Doing parallel multi-key lookups could also help by collapsing round-trip times, but might not be easy to fit into SN's object model. (For things like streams this should actually work pretty well -- grab the list, then when it's returned go grab all the individual items in parallel and return the list)
2011-01-31 13:12:56 -08:00
Evan Prodromou
570c7b63a2
Add internal URL shortener
2011-01-23 16:49:12 -05:00
Brion Vibber
9df856e667
Merge branch '0.9.x' into merge
...
Conflicts:
README
actions/hostmeta.php
classes/File_redirection.php
lib/common.php
lib/designsettings.php
lib/router.php
lib/util.php
lib/xmppmanager.php
plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Brion Vibber
2617c40e04
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
classes/User.php
2010-12-06 12:44:19 -08:00
Brion Vibber
76f3dc32e0
Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account.
2010-12-06 12:39:09 -08:00
Brion Vibber
aa96c3c1d9
Fix for tickets #2917 , #2262 : user URL shortening options not being applied in non-web channels
...
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.
Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.
Note also ticket #2919 : there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Brion Vibber
3f0557aa8e
General code safety: validate input and escape SQL strings in common_relative_profile()
2010-11-29 16:44:01 -08:00
Brion Vibber
82799f675f
Add Nickname test cases for @-reply regexes in common_find_mentions
2010-11-29 15:07:55 -08:00
Brion Vibber
dc350b5463
Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh.
2010-11-29 14:15:25 -08:00
Brion Vibber
6c4e5a89c1
Add some doc comments on nickname-related stuff in util.php
2010-11-29 11:31:10 -08:00
Zach Copley
645a4d1754
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-11-17 22:16:08 +00:00
Brion Vibber
197b56778a
Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
...
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Zach Copley
bd566b6f85
Merge branch '0.9.x' into facebook-upgrade
2010-11-16 02:32:46 +00:00
Zach Copley
5b94d9e86b
Merge branch '0.9.x' into facebook-upgrade
2010-11-09 23:16:17 +00:00
Brion Vibber
883f7a6c0b
Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly.
2010-11-08 13:27:54 -08:00
Brion Vibber
b716d01a41
Merge branch '0.9.x' into 1.0.x
2010-11-03 16:09:49 -07:00
Brion Vibber
dc4fafbbd1
General cleanup & part of ticket #2864 : use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens.
2010-11-03 12:59:19 -07:00
Zach Copley
764a297383
Output filename in log msg if one is supplied
2010-11-02 23:13:20 +00:00
Brion Vibber
b26eccf33c
Merge branch '0.9.x' into 1.0.x
2010-10-28 16:26:34 -07:00
Craig Andrews
22a0cf6251
Set cookies with "secure" flag on SSL sites. Improves security.
2010-10-26 17:55:09 -04:00
Brion Vibber
ca489631db
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/subscriptions.php
lib/router.php
lib/xmppmanager.php
lib/xmppoutqueuehandler.php
2010-10-25 13:08:57 -07:00
Zach Copley
78396db28a
Forgot to add the OAuth verifier pin page to sensitive array
2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71
We don't need to have editapplication (only showapplication) in the
...
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae
Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
...
available
2010-10-25 11:52:17 -07:00
Brion Vibber
8004e2809d
Fix for ticket #2845 : singleuser nickname configuration was being overridden by site owner in router setup.
...
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Brion Vibber
7765ddae81
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
lib/default.php
2010-10-18 12:17:11 -07:00
Evan Prodromou
7c05b0dafc
options to nofollow external links in notices
2010-10-18 11:29:52 -04:00
Brion Vibber
6c959c83ce
Merge branch '0.9.x' into 1.0.x
2010-10-07 13:32:26 -07:00
Brion Vibber
5e0f3e7bd4
Workaround for regression in input validation due to more PCRE oddities. Recommend redoing common_validate_utf8() using something more reliable, perhaps. :P
2010-10-07 12:32:10 -07:00
Brion Vibber
71176b9a98
Merge branch '0.9.x' into 1.0.x
2010-10-06 13:07:29 -07:00
Brion Vibber
ebfa8bce27
Basic validation of UTF-8 input via GET/POST vars: invalid UTF-8 sequences will cause the string to drop. Not necessarily super-thorough; should be improved in future to drop individual bad sequences, do normalization of combining forms, etc. General input validation (for ints, types of strings, etc) still would be good to have!
2010-10-06 13:00:30 -07:00
Brion Vibber
59119482ca
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
actions/hostmeta.php
actions/imsettings.php
classes/User.php
lib/adminpanelaction.php
lib/channel.php
lib/default.php
lib/router.php
lib/util.php
2010-10-04 12:54:36 -07:00
Brion Vibber
aef42e2f65
Don't spew a notice warning to output while processing logging for PEAR DB errors
2010-09-20 16:52:22 -07:00
Brion Vibber
64cdbe6c55
Ticket #2750 : fixes to HTTP caching behavior across login/logout boundaries
...
* now ignoring if-modified-since if we failed an etag if-none-match comparison, per spec
* now including a hash of user id/nickname in most etags, so we'll update the view properly after login/logout
For API methods, checking the API-auth'ed user. (Many change results to include things like 'you're subscribed to this user' or 'this is one of your favorites', so user info is again needed)
There'll still be some last-modified stamps that aren't including user info properly, probably.
2010-09-20 13:42:58 -07:00
Siebrand Mazeland
85154a49d0
Add plural support for minutes/hours/days/months ago.
...
Reapply of revised b27882c916
that was reverted by Brion Vibber in 2d4c0f9a47
.
2010-09-16 00:07:47 +02:00
Brion Vibber
2d4c0f9a47
Revert "Add plural support for minutes/hours/days/months ago." -- currently doesn't work and spews error messages
...
This reverts commit b27882c916
.
2010-09-15 14:10:18 -07:00
Siebrand Mazeland
6817420e6c
Remove trailing whitespace and update comment consistency on methods.
2010-09-13 21:10:52 +02:00
Siebrand Mazeland
b27882c916
Add plural support for minutes/hours/days/months ago.
2010-09-13 21:10:51 +02:00
Evan Prodromou
a319b40c97
common_cache_key() -> Cache::key()
2010-09-06 10:07:43 -04:00
Evan Prodromou
e42d2124a3
common_keyize() -> Cache::keyize()
2010-09-06 10:03:51 -04:00
Evan Prodromou
c2de44a530
remove NOOP function common_broadcast_notice()
2010-09-06 09:59:08 -04:00
Evan Prodromou
8f81762d68
common_memcache() => Cache::instance()
2010-09-06 09:56:45 -04:00
Brion Vibber
2196d00b1b
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
lib/command.php
2010-09-02 15:04:25 -07:00
Brion Vibber
4cbbfdab84
Fix for #2635 : use ssl-sometimes settings for Twitter settings & auth pages
2010-09-02 10:55:26 -07:00
Evan Prodromou
7183175429
Merge branch 'master' into 1.0.x
2010-08-13 14:33:41 -07:00
Brion Vibber
f7d599f8ea
Fix for ticket 2513: "Can't linkify" error when some links are shortened
...
When bogus SSL sites etc were hit through a shortening redirect, sometimes link resolution kinda blew up and the user would get a "Can't linkify" error, aborting their post.
Now catching this case and just passing through the URL without attempting to resolve it. Could benefit from an overall scrubbing of the freaky link/attachment code though...! :)
http://status.net/open-source/issues/2513
2010-08-12 15:25:32 -07:00
Evan Prodromou
9f0715a993
Merge branch '0.9.x' into 1.0.x
2010-08-03 16:05:03 -07:00
Brion Vibber
974c4df029
Ticket 2433: Skip locale fallback list check on Windows ('locale -a' shell-out doesn't work there)
2010-07-12 09:56:32 -07:00
Brion Vibber
b1a68e15b7
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
lib/default.php
lib/util.php
plugins/UrlShortener/UrlShortenerPlugin.php (has been removed?)
2010-06-10 15:37:06 -07:00
Brion Vibber
d88b208edc
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
plugins/OpenID/openid.php
2010-06-07 10:19:40 -07:00
Brion Vibber
5f4c6ec626
Skip enqueueing to outgoing bridges on incoming remote messages. Twitter, Facebook, RSSCloud, and OStatus checks were enqueued on these when they'd never do anything but churn the queue servers.
...
Notice::isLocal() can replace a number of manual checks for $notice->is_local being LOCAL_PUBLIC or LOCAL_NONPUBLIC.
2010-06-03 16:58:45 -07:00
Brion Vibber
6eae5d6a7e
Merge branch 'testing' into 0.9.x
2010-05-21 13:15:08 -07:00
Brion Vibber
708d22848e
Quick fix for creating OpenID accounts authenticating against a MediaWiki site; trim the 'User:' etc from the final path segment before generating a nickname from it. Avoids ending up with nicks like 'userbrion' on your first OpenID login!
2010-05-19 16:19:06 -07:00
Brion Vibber
c4203be9a4
Merge branch '0.9.x' into 1.0.x
2010-05-19 12:52:23 -07:00
Brion Vibber
7005ef6661
Merge branch 'testing' into 0.9.x
...
Conflicts:
plugins/OpenID/openidlogin.php
2010-05-19 12:51:25 -07:00
Brion Vibber
74a89b1fc3
Locale switch cleanup: use common_switch_locale() which is safer for updating gettext state. Also moved a few calls to reduce chance of hitting an exception before switching back.
...
Should help with problems where xmppdaemon would get stuck in wrong locale.
2010-05-19 10:10:55 -07:00